A secure element is either a tamper-resistant physical component able to store data and to provide services in a secure manner or a software component providing a trusted storage area and trusted services. In general, a secure element has a limited amount of memory, a processor with limited capabilities and is devoid of battery. For instance a UICC (Universal Integrated Circuit Card) is a secure element which embeds SIM applications for telecommunication purposes. A secure element can be installed, fixedly or not, in a terminal, like a mobile phone for example. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.
A secure element can be in the format of a smart card, or may be in any other format such as for example but not limited to a packaged chip as described in PCT/SE2008/050380, or any other format. A UICC can be used in mobile terminals in GSM, CDMA or UMTS networks for instance. The UICC ensures network authentication, integrity and security of all kinds of personal data. The UICC communicates and cooperates with the baseband (also called baseband processor or baseband radio processor) of the terminal equipment.
It is known to solder or weld the secure element in a host device, in order to get it dependent of this host device. This is done in M2M (Machine to Machine) applications. The same objective is reached when a chip (a secure element) containing a Payment application, SIM or USIM applications and files is contained in the host device. The chip is for example soldered to the mother-board of the host device or machine and constitutes an embedded-secure element (eSE).
A secure element may contain a profile which can include a set of applications, a set of personal data and a set of secret data.
The profile could be linked to a subscription. It may contain network access applications (NAA), payment applications or third party applications providing security for a specific service (e.g. NFC applications).
A physical secure element can emulate several virtual secure elements, each one represented as one profile. In such a case, these profiles are called logical profiles or virtual profiles. An emulated profile is hereinafter called virtual profile. Usually each virtual profile is a software based profile.
The invention concerns a way to manage several virtual profiles which are run in parallel in a single secure element.
In the state of the art, the basic behaviour is to manage only one active virtual profile at a time. An active virtual profile may use several logical channels in parallel. A swap operation allows to disable the currently active virtual profile and to active another one. Thus only one virtual profile is active at a time in a device session. Moreover, according to the ISO7816-4 standard, the logical channel 0 (zero) has a specific role: it is the default one allowing to retrieve the Answer-To-Reset (ATR) from the secure element. The logical channel 0 is allocated to the default selected application of the virtual profile. In addition, the logical channel 0 is used as the main channel for some types of commands (e.g. Proactive commands as defined in ETSI TS 102 223 for example).
There is a need to handle several sets of logical channel(s) for accessing as many virtual profiles simultaneously active in a secure element.